Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability. Due to the improper implementation of ACL mechanism, a remote attacker may send TCP messages to the management interface of the affected device to exploit this vulnerability. Successful exploit could exhaust the socket resource of management interface, leading to a DoS condition.
Conclusion & alert: CVE-2018-7920 is rated Moderate Risk (48.8/100): CVSS High severity, with medium exploitation likelihood (EPSS 0.89%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-19 | 1.22% | 0.89% | -0.33% |
| 2 | 2026-06-15 | 0.28% | 1.22% | +0.95% |
| 3 | 2025-03-30 | — | 0.28% | — |
Full EPSS history (8 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.5 | 3.0 | HIGH |
|
3.9 | 3.6 | [email protected] |
| 5.0 | 2.0 | MEDIUM |
|
10.0 | 2.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| huawei | ar1200_firmware | v200r006c10spc300 | cpe:2.3:o:huawei:ar1200_firmware:v200r006c10spc300:*:*:*:*:*:*:* |
| huawei | ar160_firmware | v200r006c10spc300 | cpe:2.3:o:huawei:ar160_firmware:v200r006c10spc300:*:*:*:*:*:*:* |
| huawei | ar200_firmware | v200r006c10spc300 | cpe:2.3:o:huawei:ar200_firmware:v200r006c10spc300:*:*:*:*:*:*:* |
| huawei | ar2200_firmware | v200r006c10spc300 | cpe:2.3:o:huawei:ar2200_firmware:v200r006c10spc300:*:*:*:*:*:*:* |
| huawei | ar3200_firmware | v200r006c10spc300 | cpe:2.3:o:huawei:ar3200_firmware:v200r006c10spc300:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-ar-en | Vendor Advisory |